30 open-source projects similar to xairy/kernel-exploits, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Kernel Exploits alternative.
This project is a public exploit code archive and vulnerability database. It serves as a collection of documented software exploits and vulnerability data, providing a reference library of exploit scripts and payloads used to validate security flaws in target environments. The archive supports security threat intelligence, vulnerability research, and penetration testing workflows. It functions as a historical record of software vulnerabilities and the proof-of-concept code used to trigger them. The codebase is organized through directory-based categorization and flat-file data storage, utili
Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
Exphub is a CVE exploit script library and enterprise software vulnerability suite designed to verify and exploit known security flaws in server environments such as WebLogic, Struts2, Tomcat, and JBoss. It functions as a remote code execution toolkit and a web shell deployment framework for triggering unauthorized command execution and establishing persistent access on remote systems. The project includes specialized utilities for internal network reconnaissance, specifically using server-side request forgery to scan for open ports and services. It further provides mechanisms for bypassing a
IntruderPayloads is a collection of curated fuzzing lists, security wordlists, and a vulnerability research dataset. It provides sets of strings and patterns designed to discover undocumented pages, directories, and hidden content on web servers. The project includes a payload collection specifically for Burp Suite Intruder and other web security tools, as well as a library of specially crafted files used to test for remote code execution and insecure file upload vulnerabilities. It also provides a web pentesting methodology consisting of structured checklists and guides for identifying commo
dirtyfrag is a proof-of-concept exploit for Linux kernel privilege escalation. It targets page-cache write vulnerabilities to elevate user permissions to administrative root levels. The project demonstrates a deterministic exploit chain that utilizes functional proofs-of-concept for vulnerabilities in the xfrm-ESP protocol implementation and the RxRPC mechanism. By chaining these memory corruption vulnerabilities, the exploit achieves root access without relying on timing-based race conditions. The tool covers kernel memory manipulation and the development of exploit chains to test local pri
HowToHunt is a bug bounty hunting knowledge base and a structured guide for web application penetration testing. It provides a research methodology for organizing security testing procedures and validating application behaviors against known vulnerability patterns. The project features a curated library of security flaws and reconnaissance techniques. It organizes security testing into modular playbooks, checklists, and categorical vulnerability mappings to align specific exploitation techniques with target weaknesses. The repository covers a systematic sequence of information gathering task
A Go implementation of copyfail (CVE-2026-31431)
This is where I'm uploading kernel exploits written by me
Find exploits in local and online databases instantly
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. No KASLR
A root exploit for CVE-2022-0847 (Dirty Pipe)
PHP Security Advisories Database
some codes and notes about the backdoor listening on TCP-32764 in linksys WAG200G.
This repository contains several tools Project Zero uses to test iPhone messaging. It includes:
A PoC application demonstrating the power of an Android kernel arbitrary R/W.
Temproot for Pixel 2 and Pixel 2 XL via CVE-2019-2215
This project is a bug bounty resource directory, vulnerability research cheatsheet, and web security payload library. It serves as a centralized collection of curated payloads and common attack vectors used to identify security vulnerabilities in web applications. The repository provides a directory of platforms, books, and tools to support vulnerability discovery skills. It includes a reference for tested payloads and techniques used to trigger bugs and identify vulnerabilities during security audits. The content covers web application pentesting, security vulnerability testing, and general
Exploits of Team Orca from Sea Security and Qrious Secure for multiple vulnerabilities in Netfilter's nf_table module.
SecLists is a centralized library of security assessment data designed to support vulnerability discovery and penetration testing. It functions as a comprehensive repository of wordlists, payloads, and testing methodologies used to audit software, firmware, and internet-connected hardware for technical vulnerabilities. The project distinguishes itself through a standardized taxonomy and a language-agnostic data format, which allows security tools to predictably ingest and utilize its assets regardless of the underlying programming environment. By decoupling raw testing data from execution log